Embed Size (px)
Citation preview
Oracle® Linux Virtualization Manager
Installation Guide
F15081-02September 2019
Oracle Legal Notices
Copyright © 2019, Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protectedby intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce,translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverseengineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report themto us in writing.
If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, thenthe following notice is applicable:
U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware,and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal AcquisitionRegulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs,including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to licenseterms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.
This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended foruse in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardwarein dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure itssafe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerousapplications.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and aretrademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks orregistered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.
This software or hardware and documentation may provide access to or information about content, products, and services from third parties.Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content,products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will notbe responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as setforth in an applicable agreement between you and Oracle.
iii
Table of ContentsAbout this document ........................................................................................................................... v1 Planning for Oracle Linux Virtualization Manager .............................................................................. 1
Oracle Linux Virtualization Manager ............................................................................................ 1Users, Roles, and Permissions ........................................................................................... 2Data Centers ...................................................................................................................... 2Metrics Store and Dashboards ............................................................................................ 3Log File Collection ............................................................................................................. 3Backup and Restore ........................................................................................................... 3Data Center Recovery ........................................................................................................ 3
Compute .................................................................................................................................... 3Clusters ............................................................................................................................. 4Virtual Machines ................................................................................................................. 4Scheduling, Load Balancing and Migration .......................................................................... 6High Availability .................................................................................................................. 6
Storage ...................................................................................................................................... 7Storage Domains ................................................................................................................ 7Local Storage ..................................................................................................................... 8Storage Pool Manager ........................................................................................................ 8Virtual Disks ....................................................................................................................... 8
Network ..................................................................................................................................... 9Logical Networks ................................................................................................................ 9VLANs ............................................................................................................................. 10Bonds .............................................................................................................................. 11Virtual NICs ...................................................................................................................... 11
2 Installing the Manager ................................................................................................................... 13Manager Host Requirements ..................................................................................................... 13Installing the Manager .............................................................................................................. 14Configuring the Manager .......................................................................................................... 15Manager Configuration Options ................................................................................................. 16Logging in to the Administration Portal ...................................................................................... 21Manager Host Firewall Requirements ........................................................................................ 22
3 Installing KVM Compute Hosts ....................................................................................................... 25KVM Compute Host Requirements ............................................................................................ 25Configuring a KVM Compute Host ............................................................................................ 26Adding a KVM Compute Host to the Manager ........................................................................... 28KVM Compute Host Firewall Requirements ............................................................................... 29
iv
v
About this documentThis document is part of the documentation for Oracle Linux Virtualization Manager, which is available at:http://docs.oracle.com/cd/F15085_01
The documentation consists of the following items:
Oracle Linux Virtualization Manager Release Notes
This document provides a summary of the new features, changes, fixed bugs, and known issues in theOracle Linux Virtualization Manager. It contains last-minute information, which may not be includedin the main body of documentation, and information on Oracle Linux Virtualization Manager systemrequirements.Read this document before you install your environment.
Oracle Linux Virtualization Manager Installation Guide
This document provides an overview of the Oracle Linux Virtualization Manager and explains how toinstall the Oracle Linux Virtualization Manager environment, including important information, such assystem requirements, for planning your virtualization environment.
Oracle Linux Virtualization Manager Getting Started Guide
This document explains how to get started with the Oracle Linux Virtualization Manager. It provides anexample scenario that covers some of the basic procedures for setting up the environment, such as,adding hosts, adding storage, creating virtual machines, and so on.
Document generated on: 2019-09-26 (revision: 605)
vi
1
Chapter 1 Planning for Oracle Linux Virtualization Manager
Table of ContentsOracle Linux Virtualization Manager .................................................................................................... 1
Users, Roles, and Permissions ................................................................................................... 2Data Centers .............................................................................................................................. 2Metrics Store and Dashboards .................................................................................................... 3Log File Collection ..................................................................................................................... 3Backup and Restore ................................................................................................................... 3Data Center Recovery ................................................................................................................ 3
Compute ............................................................................................................................................ 3Clusters ..................................................................................................................................... 4Virtual Machines ......................................................................................................................... 4Scheduling, Load Balancing and Migration .................................................................................. 6High Availability .......................................................................................................................... 6
Storage .............................................................................................................................................. 7Storage Domains ........................................................................................................................ 7Local Storage ............................................................................................................................. 8Storage Pool Manager ................................................................................................................ 8Virtual Disks ............................................................................................................................... 8
Network ............................................................................................................................................. 9Logical Networks ........................................................................................................................ 9VLANs ..................................................................................................................................... 10Bonds ...................................................................................................................................... 11Virtual NICs .............................................................................................................................. 11
The following information helps you plan your installation of Oracle Linux Virtualization Manager, includingthe compute, storage and network components.
Oracle Linux Virtualization Manager
Oracle Linux Virtualization Manager is the management center for the environment. It is used to manageall aspects of virtual machines as well as storage, networks, performance and security.
The Oracle Linux Virtualization Manager is accessed through the Administration Portal where users can bemanaged with built-in roles and permissions. Data warehousing and reporting depend on the history andreports databases which can be optionally installed during the setup.
The Oracle Linux Virtualization Manager incorporates the following functions:
• Network management creates logical networks and connects them to hosts and VMs
• Storage management manages storage domains and virtual disks
• Fault tolerance includes high availability, backup and restore, live migration
• Scheduling policies are for load balancing, enforcing policy rules for guests, hosts, etc.
• Image management manages virtual machine pools, snapshots, and block based device provisioning
• Monitoring manages workloads, events and notifications
Users, Roles, and Permissions
2
Users, Roles, and Permissions
User properties consist of the roles and permissions assigned to a user. The security roles for all actionsand objects in the platform are granular, inheritable, and provide for multi-level administration.
Roles are sets of permissions defined in the Administration Portal and are used to specify permissions toresources in the environment. There are two types of roles:
• Administrator Role
Conveys management permissions of physical and virtual resources through the Administration Portal.Examples of roles within this group are SuperUser, ClusterAdmin and DataCenterAdmin.
• User Role
Conveys permissions for managing and accessing virtual machines and templates through the VM Portalby filtering what is visible to a user. Roles can be assigned to the users for individual resources, or levelsof objects. Examples of roles within this group are UserRole, PowerUserRole and UserVmManager.
It is possible to create new roles with specific permissions applicable to a user's role within theenvironment. It is also possible to remove specific permissions to a resource from a role assigned to aspecific user.
You can also use an external directory server to provide user account and authentication services. You canuse Active Directory, OpenLDAP, and 389ds. Use the ovirt-engine-extension-aaa-ldap-setupcommand to configure the connection to these directories.
Data Centers
A data center is a high-level logical entity for all physical and logical resources in the environment. You canhave multiple data centers and all the data centers are controlled from a single Administration Portal.
A default data center is created during installation. Data centers have four associated objects:
• Cluster
A cluster is an association of physical hosts sharing the same storage domains and having compatibleprocessors. Every cluster belongs to a data center; every host belongs to a cluster. A cluster has to havea minimum of one host, and at least one active host is required to connect the system to a storage pool.
• Host
Hosts, or hypervisors, are the physical servers that run virtual machines (VMs). You must have at leastone host in a cluster.
• Storage Domain
Data centers must have at least one data storage domain. Set up the data storage domain of the typerequired for the data center: NFS, iSCSI, FCP or Local.
• Logical Network
Logical networks are required for Oracle Linux Virtualization Manager to communicate with allcomponents for a data center. Logical networks are also used for the virtual machines to communicatewith hosts and storage, for connecting clients to virtual machine resources, and for migrating virtualmachines between the hosts in a cluster.
Metrics Store and Dashboards
3
To initialize a data center, you must add a cluster, a host, and a storage domain.
Metrics Store and Dashboards
The Metrics Store enables you to collect logs and metrics from Oracle Linux Virtualization Manager and toview the analysis through a set of predefined visualizations known as dashboards.
Dashboards enable you to quickly access a wide range of metrics and are changeable.
Log Analysis enables you to examine the data collected from Oracle Linux Virtualization Manager. Eachset of results collected is called a document, which are collected from the following log files:
• /var/log/ovirt-engine/engine.log contains all Oracle Linux Virtualization Manager UI crashes,Active Directory lookups, database issues, and other events.
• /var/log/vdsm/vdsm.log is the log file for VDSM, the Manager's agent on the virtualization host(s),and contains host-related events.
Log File Collection
The ovirt-log-collector tool enables you to collect relevant logs from across the environment. Touse the tool, you must log into the Oracle Linux Virtualization Manager host as the root user and log intothe Administration Portal with administration credentials.
The tool collects all logs from the Manager host, the Oracle Linux KVM hosts it manages, and thedatabase.
Backup and Restore
You use the engine-backup tool to take regular backups of the Oracle Linux Virtualization Manager.The tool backs up the engine database and configuration files into a single file and can be run withoutinterrupting the ovirt-engine service.
You also use the engine-backup tool to restore a backup. However, the steps you need to take can bemore involved depending on your restoration destination. For example, the engine-backup tool can beused to restore backups to fresh installations of Oracle Linux Virtualization Manager, on top of existinginstallations of Oracle Linux Virtualization Manager, and using local or remote databases.
If you restore a backup to a fresh installation of Oracle Linux Virtualization Manager, you do not run theengine-setup command to configure the Manager.
Data Center Recovery
You use data center recovery if the data in your master data domain gets corrupted. This enables you toreplace the master data domain of a data center with a new master data domain.
Reinitializing a data center enables you to restore all other resources associated with the data center,including clusters, hosts, and storage domains. You can import any backup or exported virtual machines ortemplates into the new master data domain.
Compute
Oracle Linux KVM compute hosts are the hypervisors, that is, the physical servers that run virtualmachines (VMs). Oracle Linux Virtualization Manager can manage a maximum of 64 KVM compute hosts.
Clusters
4
KVM compute hosts can run multiple VMs concurrently and the VMs can run Windows or Linux operatingsystems. The VMs run as individual Linux processes and threads on the KVM compute host. Virtualmachines are managed remotely either from the Administration Portal (administrator users) or from the VMPortal (non-administrator users).
The Cockpit web interface enables you to monitor a KVM compute host's resources and to performadministrative tasks. Cockpit must be installed and enabled separately. You can access a host's Cockpitweb interface from the Administration Portal or by connecting directly to the host.
Clusters
A cluster consists of one or more logical grouping of Oracle Linux KVM compute hosts on which acollection of virtual machines can run.
The KVM compute hosts in a cluster share the same storage domains and have the same type of CPU(either Intel or AMD).
Each cluster in the environment must belong to a data center and each KVM host must belong to a cluster.
At installation, a default cluster is created in the default data center.
Virtual machines are dynamically allocated to any KVM compute host in the cluster and can be migratedbetween them, according to policies defined on the cluster and settings on the virtual machines. Thecluster is the highest level at which power and load-sharing policies can be defined. Since virtual machinesare not bound to any specific host in the cluster, virtual machines always start even if one or more of thehosts are unavailable.
Scheduling policies enable you to specify the usage and distribution of virtual machines betweenavailable hosts. You can define the scheduling policy to enable automatic load balancing across thehosts in a cluster. Regardless of the scheduling policy, a virtual machine does not start on a host with anoverloaded CPU. By default, a host’s CPU is considered overloaded if it has a load of more than 80%for 5 minutes, but these values can be changed using scheduling policies. For more information, seeScheduling, Load Balancing and Migration.
Migration policies enable you to define the conditions for live migrating virtual machines in the event ofKVM compute host failure. These conditions include the downtime of the virtual machine during migration,network bandwidth, and how the virtual machines are prioritized.
Resilience policies enable you to define how the virtual machines are prioritized in migration.
You can set cluster optimization for the Memory Overcommit Manager (MoM) to start ballooning whereand when possible, with a limitation of the guaranteed memory size of every virtual machine. To havea balloon running, a virtual machine needs to have a balloon device with relevant drivers. Each virtualmachine includes a balloon device unless specifically removed. Each host in the cluster receives a balloonpolicy update when its status changes to Up. If necessary, you can manually update the balloon policy ona KVM compute host without having to change the status.
Virtual Machines
Virtual machines can be created for either Linux or Windows. They can be created to a certain specificationor cloned from an existing template in the virtual machine pools.
A virtual machine pool is a group of on-demand virtual machines that are all clones of the same template.They are available to any user in a given group.
When accessed from the VM Portal, virtual machines in a pool are stateless, meaning that data is notpersistent across reboots. Each virtual machine in a pool uses the same backing read-only image, and
Virtual Machines
5
uses a temporary copy-on-write image to hold changed and newly generated data. Each time a virtualmachine is assigned from a pool, it is allocated in its base state. Users who have been granted permissionto access and use virtual machines from a pool receive an available virtual machine based on their positionin a queue of requests.
When accessed from the Administration Portal, virtual machines in a pool are not stateless so thatadministrators can make changes to the disk if needed.
Additional functionality for virtual machines is provided by the guest agents and drivers such as the abilityto monitor resource usage, shutdown and reboot the virtual machines from the Administration Portal.
A snapshot captures a virtual machine's operating system and applications on all available disks at agiven point in time. Use a snapshot to restore a virtual machine to its previous state.
You can only access virtual machine consoles using the Remote Viewer application (virt-viewer) onEnterprise Linux and Microsoft Windows clients. Remote Viewer enables users to interact with a virtualmachine in a similar way to a physical machine.
To download Remote Viewer, click Console Client Resources in the Downloads section on the OracleLinux Virtualization Manager Welcome page. You must have Administrator privileges to install the RemoteViewer application.
Guest Operating System Requirements
The following guest operating systems are tested with Oracle Linux Virtualization Manager.
Linux Guest Operating Systems
• Oracle Linux 7 Update 6 64-bit
• Oracle Linux 6 Update 10 32-bit or 64-bit, cloud-init is not available for this OS
• Oracle Linux 5 Update 11 64-bit, cloud-init is not available for this OS
• CentOS 7.1804 64-bit
• CentOS 6.10 32-bit or 64-bit, cloud-init is not available for this operating system
• Red Hat Enterprise Linux 7 Update 6 64-bit
• Red Hat Enterprise Linux 6 Update 10 32-bit or 64-bit, cloud-init is not available for this OS
• Red Hat Enterprise Linux 5 Update 11 32-bit or 64-bit, cloud-init is not available for this OS
You can download Oracle Linux ISO images and disk images from Oracle Software Delivery Cloud: https://edelivery.oracle.com/linux.
Microsoft Windows Guest Operating Systems
• Microsoft Windows Server 2016 64-bit
• Microsoft Windows Server 2012 R2 64-bit
• Microsoft Windows Server 2012 64-bit
• Microsoft Windows Server 2008 R2 SP1 64-bit
• Microsoft Windows Server 2008 SP1 32-bit or 64-bit
Scheduling, Load Balancing and Migration
6
• Microsoft Windows 10 32-bit or 64-bit
• Microsoft Windows 8.1 32-bit or 64-bit
• Microsoft Windows 8 32-bit or 64-bit
• Microsoft Windows 7 SP1 32-bit or 64-bit
Oracle recommends that you install the Oracle VirtIO Drivers for Microsoft Windows in Windows guestOSes for improved performance for network and block (disk) devices and to resolve common issues. Thedrivers are paravirtualized drivers for Microsoft Windows guests running on Oracle Linux KVM hypervisors.For instructions on how to obtain and install the drivers, see Oracle VirtIO Drivers for Microsoft Windows inthe Oracle Linux 7 Administration Guide.
Scheduling, Load Balancing and Migration
A cluster is a group of Oracle Linux KVM compute hosts that share resources. Each KVM compute hostin a cluster has limited resources. If a KVM compute host becomes overutilized, there is an adverseimpact on the virtual machines that are running on the host. To avoid or mitigate overutlization, you usescheduling, load balancing, and migration policies to ensure the performance of virtual machines. If a KVMcompute host becomes overutilized, VMs are migrated to another KVM compute host in the cluster.
Scheduling policies enable you to ensure the resources in a cluster meet your goals. A policy can containfilters, weightings, and load balancing policies, as follows:
• A filter is a set of conditions applied to the hosts for exclusion from a policy.
• Weighting prioritizes a number of factors to determine which hosts are capable of running a virtualmachine.
• Load balancing policies used to determine on which host a VM is running are enforced by schedulingpolicies.
Regardless of the scheduling policy, a virtual machine does not start on a host with an overloaded CPU. Bydefault, a host’s CPU is considered overloaded if it has a load of more than 80% for 5 minutes, but thesevalues can be changed using scheduling policies.
Load balancing policies enable you to distribute the workload by moving virtual machines from one hostto another. Load balancing policies are set at the cluster level and determine the KVM compute host thatruns a virtual machines.
Affinity groups enable you to specify whether certain virtual machines run together on the same host orrun separately on different hosts. You can create workload scenarios for high availability needs.
You use migration policies to migrate VMs automatically when certain conditions are met, such as whenyou move a KVM compute host to Maintenance mode. You can also use migration policies to disable theautomatic migration of virtual machines.
Live migration enables you to migrate virtual machines from one KVM compute host to another withouta loss of service. The virtual machine being migrated remains powered on with all user applicationscontinuing to execute. Live migration is only available if you use shared storage.
High Availability
To make an Oracle Linux KVM compute host highly available, power management and fencing must beconfigured. This enables the Manager to keep the hosts in a cluster up and running by reacting to host
Storage
7
failures. If a KVM compute host becomes non-responsive, it is rebooted. If it remains non-responsivemanual intervention needs to be taken.
Oracle Linux Virtualization Manager does not communicate directly with fence agents. Instead, it usesa proxy to send power management commands to a KVM compute host power management device.The Manager uses VDSM daemon to execute power management device actions, so another host in theenvironment is used as a fencing proxy.
You need at least two KVM compute hosts in a cluster or data center that are in Up or Maintenance statusto ensure they are connected to the Manager.
You can select between:
• Any host in the same cluster as the host requiring fencing.
• Any host in the same data center as the host requiring fencing.
A viable fencing proxy host has a status of either Up or Maintenance.
If power management is not enabled, you can restart or stop a KVM compute host from the AdministrationPortal.
When a KVM compute host goes into Maintenance mode, all VMs are migrated to other servers in thecluster. This mean there is no downtime for virtual machines during planned maintenance windows.
If a virtual machine is unexpectedly terminated, it will be automatically restarted, either on the same KVMcompute host or another host in the cluster. This is achieved through monitoring of the hosts and storageto detect any hardware failures. If a virtual machine has been configured as highly available and the hostfails, it is automatically restarted on another KVM compute host in the cluster. If a storage error occurs,the virtual machine is paused. What happens to the virtual machines after the storage connection is re-established can be configured.
Load balancing, scheduling, and resiliency policies, enable critical VMs to be restarted on another KVMcompute host in the event of hardware failure with three levels of priority. For more information, seeScheduling, Load Balancing and Migration.
StorageOracle Linux Virtualization Manager uses a centralized storage system for virtual machine disk images,ISO files and snapshots. You can use Network File System (NFS), Internet Small Computer SystemInterface (iSCSI), or Fibre Channel Protocol (FCP) storage. You can also configure local storage attacheddirectly to hosts.
A data center cannot be initialized unless a storage domain is attached to it and activated.
The storage must be located on the same subnet as the Oracle Linux KVM hosts that will use the storage,in order to avoid issues with routing.
Since you need to create, configure, attach and maintain storage, make sure you are familiar with thestorage types and their use. Read your storage array manufacturer guides for more information.
Storage Domains
A storage domain is a collection of images that have a common storage interface. A storage domaincontains complete images of templates, VMs, VM snapshots, or ISO files. Oracle Linux VirtualizationManager supports storage domains that are block devices (SAN - iSCSI or FCP) or a file system (NAS -NFS).
Local Storage
8
On NFS, all virtual disks, templates, and snapshots are files. On SAN (iSCSI/FCP), each virtual disk,template or snapshot is a logical volume.
Virtual machines that share the same storage domain can be migrated between hosts that belong to thesame cluster.
Storage, also referred to as a data domain, is used to store the virtual hard disks, snapshots, ISO files,and Open Virtualization Format (OVF) files for virtual machines and templates. Every data center musthave at least one data domain. Data domains cannot be shared between data centers.
Note
The Administration Portal currently offers options for creating storage domains thatare export domains or ISO domains. These options are deprecated.
Detaching a storage domain from a data center stops the association, but does not remove the storagedomain from the environment. A detached storage domain can be attached to another data center. And,the data, such as VMs and templates, remains attached to the storage domain.
Local Storage
Local storage is storage that is attached directly to an Oracle Linux KVM compute host, such as a localphysical disk or a locally attached SAN.
When a KVM compute host is configured to use local storage, it is automatically added to a cluster where itis the only host. This is because clusters with multiple hosts must have shared storage domains accessibleto all hosts.
When you use local storage, features such as live migration, scheduling, and fencing are not available.
Storage Pool Manager
The Storage Pool Manager (SPM) is a management role assigned to one of the hosts in a data centerenabling it to manage the storage domains of the data center. Any host in the data center can run the SPMentity, which is assigned by the Manager. SPM controls access to storage by coordinating the metadataacross the storage domains. This includes creating, deleting, and manipulating virtual disks (images),snapshots, and templates, and allocating storage for sparse block devices (on SAN).
The host running as SPM can still host virtual resources. The SPM priority setting for hosts enables youto prioritize which host is assigned the SPM role. Since the SPM role uses some of the host's availableresources, it is important to prioritize hosts that can afford the resources.
Because the SPM must always be available, the Manager assigns the SPM role to another host if the SPMhost becomes unavailable. A host with higher SPM priority is assigned the SPM role before a host withlower SPM priority.
Virtual Disks
The Storage Pool Manager (SPM) is responsible for creating and deleting virtual disks, as well assnapshots, and templates. In addition it allocates storage for sparse block devices.
If the storage type is NFS or local, the SPM creates a thin provisioned virtual disk by default.
If the storage type is iSCSI or other block-based devices, Logical Unit Numbers (LUNs) are provided to theSPM. Then, a volume group on top of the LUNs and logical volumes for use as virtual machine disks arecreated and the SPM preallocates the space by default.
Network
9
If a virtual disk is thinly provisioned, a 1 GB logical volume is created with a QCOW2 format. Use thinprovisioning for virtual machines with low I/O requirements.
The VM's host continuously monitors the logical volume used for its virtual disk. You can set a threshold sothat when the disk usage nears the threshold the host notifies the SPM and extends the logical volume by1 GB.
If the storage in a pool starts to become exhausted, a new LUN can be added to the volume group. TheSPM automatically distributes the additional storage to logical volumes that need it.
If a virtual disk is preallocated, a logical volume of the specified size in GB and a virtual disk of RAW formatis created. Use preallocated disks for virtual machines with high levels of I/O. Preallocated disks cannot beenlarged.
If an application requires storage to be shared between virtual machines, use Shareable virtual diskswhich can be attached to multiple virtual machines concurrently.
QCOW2 format virtual disks cannot be shareable. You cannot take a snapshot of a shared disk and virtualdisks that have snapshots cannot be marked shareable. You cannot live migrate a shared disk.
If the VMs are not cluster-aware, mark shareable disks as read-only to avoid data corruption.
Use direct LUN to enable virtual machines to directly access RAW block-based storage devices on thehost bus adapter (HBA). The mapping of the direct LUN to the host causes the storage to be emulated asfile-based storage to virtual machines. This removes a layer of abstraction between virtual machines andtheir data as the virtual machine is being granted direct access to block-based storage LUNs.
NetworkThe following are general, high-level networking recommendations.
• Use bond network interfaces, especially on production hosts
• Use VLANs to separate different traffic types
• Use 1 GbE networks for management traffic
• Use 10 GbE or 40 GbE for virtual machines and Ethernet-based storage
• When adding physical interfaces to a host for storage use, uncheck VM network so that the VLAN isassigned directly to the physical interface
The Oracle Linux Virtualization Manager host and all Oracle Linux KVM hosts must have a fully qualifieddomain name (FQDN) as well as forward and reverse name resolution. Oracle recommend using DNS.Alternatively, you can use the /etc/hosts file for name resolution, however, this requires more work andis error-prone.
All DNS services used for name resolution must be hosted outside of the environment.
Logical Networks
In Oracle Linux Virtualization Manager, you configure logical networks to represent the resources requiredto ensure the network connectivity of the Oracle Linux KVM compute hosts for a specific purpose, forexample to indicate that a network interface controller (NIC) is on a management network.
You define a logical network for a data center, apply the network to one or more clusters, and thenconfigure the hosts by assigning the logical networks to the hosts physical interfaces. Once you implement
VLANs
10
the network on all the hosts in a cluster, the network becomes operational. You perform all theseoperations from the Administration Portal.
At the cluster level, you can assign one or more network roles to a logical network to specify its purpose:
• A management network is used for communication between Oracle Linux Virtualization Manager andthe hosts.
• A VM network is used for virtual machine communication, a virtual machine's virtual NIC is attached to aVM network.
• A display network is used to connect clients to virtual machine graphical consoles, using either theSPICE, VNC or RDP protocols.
• A migration network is used to migrate virtual machines between the hosts in a cluster.
By default a single logical network named ovirtmgmt is created and this is used for all networkcommunication in a data center. You separate the network traffic according to your needs by defining andapplying additional logical networks.
One logical network is configured as the default route for the hosts.
A logical network can be marked as a required network. If a required network ceases to function, any KVMcompute hosts associated with the network become non-operational.
For logical networks that are not VM networks, you connect the host directly to the network using either aphysical network interface, a VLAN interface, or a bond.
For VM networks, a bridge is created on the host for each logical network. Virtual machine VNICs areconnected to the bridges as needed. The bridge is connected to the network using either a physicalnetwork interface, a VLAN interface, or a bond.
You can perform most network configuration operations on hosts from the Administration Portal, including:
• Assign a host NIC to logical networks.
• Configure a NIC's boot protocol, IP settings, and DNS settings.
• Create bonds and VLAN interfaces on KVM compute hosts.
When there are a large number of KVM compute hosts and logical networks, using network labels enablesyou to simplify administration. Labels can be applied to logical networks and host interfaces. When you seta label on a network, you to deploy the network on host NICs that have the same label. This requires thatthe host NICs are configured for DHCP.
VLANs
A virtual local area network (VLAN) enables hosts and virtual machines to communicate regardless of theiractual physical location on a LAN.
VLANs enable you improve security by segregating network traffic. Broadcasts between devices in thesame VLAN are not visible to other devices with a different VLAN, even if they exist on the same switch.
VLANs can also help to compensate for the lack of physical NICs on hosts. A host or virtual machine canbe connected to different VLANs using a single physical NIC or bond. This is implemented using VLANinterfaces.
Bonds
11
A VLAN is identified by an ID. A VLAN interface attached to a host's NIC or bond is assigned a VLAN IDand handles the traffic for the VLAN. When traffic is routed through the VLAN interface, it is automaticallytagged with the VLAN ID configured for that interface, and is then routed through the NIC or bond that theVLAN interface is attached to.
The switch uses the VLAN ID to segregate traffic among the different VLANs operating on the samephysical link. In this way, a VLAN functions exactly like a separate physical connection.
You need to configure the VLANs needed to support your logical networks before you can use them.This is usually accomplished using switch trunking. Trunking involves configuring ports on the switch toenable multiple VLAN traffic on these ports, to ensure that packets are correctly transmitted to their finaldestination. The configuration required depends on the switches you use.
When you create a logical network, you can assign a VLAN ID to the network. When you assign a hostNIC or bond to the network, the VLAN interface is automatically created on the host and attached to theselected device.
Bonds
Bonds bind multiple NICs into a single interface. A bonded network interface combines the transmissioncapability of all the NICs included in the bond and acts as a single network interface, which can providegreater transmission speed. Because all network interface cards in the bond must fail for the bond itself tofail, bonding provides increased fault tolerance.
Virtual NICs
A virtual machine uses a virtual network interface controller (VNIC) to connect to a logical network.
VNICs are always attached to a bridge on a KVM compute host. A bridge is a software network device thatenables the VNICS to share a physical network connection and to appear as separate physical devices ona logical network.
Oracle Linux Virtualization Manager automatically assigns a MAC address to a VNIC. Each MAC addresscorresponds to a single VNIC. Because MAC addresses must be unique on a network, the MAC addressesare allocated from a predefined range of addresses, known as a MAC address pool. MAC address poolsare defined for a cluster.
Virtual machines are connected to a logical network by their VNICs. The IP address of each VNIC can beset independently, by DHCP or statically, using the tools available in the operating system of the virtualmachine. To use DHCP, you need to configure a DHCP server on the logical network.
Virtual machines can communicate with any other machine on the virtual network, and, depending on theconfiguration of the logical network, with public networks such as the Internet.
12
13
Chapter 2 Installing the Manager
Table of ContentsManager Host Requirements ............................................................................................................. 13Installing the Manager ...................................................................................................................... 14Configuring the Manager .................................................................................................................. 15Manager Configuration Options ......................................................................................................... 16Logging in to the Administration Portal .............................................................................................. 21Manager Host Firewall Requirements ................................................................................................ 22
To install Oracle Linux Virtualization Manager, you perform a fresh installation of Oracle Linux 7 Update 6on the host, install the ovirt-engine package, and then run the engine-setup command to configurethe Manager.
Manager Host RequirementsThe following are the minimum system requirements for Oracle Linux Virtualization Manager hosts:
• Oracle Linux 7 Update 6Select Minimal Install as the base environment for the installation.
• Unbreakable Enterprise Kernel Release 5 Update 1 or later• 64-bit dual-core CPU
Recommended: 64-bit quad core or greater CPU• 4 GB RAM
Recommended: 16 GB or greater• 1 network interface card (NIC) with bandwidth of at least 1 Gbps
Recommended: 2 or more NICs with bandwidth of at least 1 Gbps• 25 GB local writable hard disk
Recommended: 50 GB or greater
For information about x86-based servers that are certified for Oracle Linux with UEK, see the HardwareCertification List for Oracle Linux and Oracle VM at https://linux.oracle.com/hardware-certifications.
For more details about system requirements and known issues with installation, see:
• The Oracle Linux 7 Release Notes for your release at https://docs.oracle.com/en/operating-systems/oracle-linux/7/relnotes7.0/index.html.
• The Unbreakable Enterprise Kernel Release 5 Release Notes for your release at https://docs.oracle.com/en/operating-systems/uek/.
• The Oracle Linux 7 Installation Guide at https://docs.oracle.com/en/operating-systems/oracle-linux/7/install/.
Important
Oracle does not support Oracle Linux Virtualization Manager on systems wherethe ol7_preview, ol7_developer, ol7_developer_kvm_utils, orol7_developer_EPEL repositories are enabled, or where software from theserepositories is currently installed on the systems where the Manager will run.Even if you follow the instructions in this document, you may render your platformunsupported if these repositories or channels are enabled or software from thesechannels or repositories is installed on your system.
Installing the Manager
14
Installing the Manager
You must perform a fresh installation of Oracle Linux 7 Update 6 an Oracle Linux Virtualization Managerhost before installing the Manager. You can download the installation ISO for the latest Oracle Linux 7Update 6 from the Oracle Software Delivery Cloud at https://edelivery.oracle.com.
1. Install Oracle Linux 7 Update 6 on the host using the Minimal Install base environment.
Follow the instructions in the Oracle Linux 7 Installation Guide at https://docs.oracle.com/en/operating-systems/oracle-linux/7/install/
Important
Do not install any additional packages until after you have installed the Managerpackages, because they may cause dependency issues.
2. (Optional) If you use a proxy server for Internet access, configure Yum with the proxy server settings.For more information, see Configuring Use of a Proxy Server at https://docs.oracle.com/en/operating-systems/oracle-linux/7/admin/ol7-proxy-config.html.
3. Do one of the following.
a. For ULN registered hosts only: If the host is registered on ULN, subscribe the system to therequired channels.
i. Log in to https://linux.oracle.com with your ULN user name and password.
ii. On the Systems tab, click the link named for the host in the list of registered machines.
iii. On the System Details page, click Manage Subscriptions.
iv. On the System Summary page, select each required channel from the list of available channelsand click the right arrow to move the channel to the list of subscribed channels. Subscribe thesystem to the following channels:
• ol7_x86_64_latest
• ol7_x86_64_optional_latest
• ol7_x86_64_kvm_utils
• ol7_x86_64_ovirt42
• ol7_x86_64_ovirt42_extras
• ol7_x86_64_gluster312
• (For VDSM) ol7_x86_64_UEKR5
v. Click Save Subscriptions.
b. For Oracle Linux yum server hosts only: Install the Oracle Linux Virtualization Manager Release4.2.8 package and enable the required repositories.
i. (Optional) Make sure the host is using the modular yum repository configuration. For moreinformation, see Getting Started with Oracle Linux Yum Server at http://yum.oracle.com/getting-started.html.
Configuring the Manager
15
ii. Install the Oracle Linux Virtualization Manager Release 4.2.8 package.
# yum install https://yum.oracle.com/repo/OracleLinux/OL7/ovirt42/x86_64/ovirt-release42.rpm
iii. Use the yum command to verify that the required repositories are enabled.
A. Clear the yum cache.
# yum clean all
B. List the configured repositories and verify that the required repositories are enabled.
# yum repolist
The following repositories must be enabled:
• ol7_latest
• olv_ol7_optional_latest
• olv_ol7_kvm-utils
• olv_ol7_gluster312
• ol7_UEKR5
• ovirt-4.2
• ovirt-4.2-extra
C. If a required repository is not enabled, use the yum-config-manager to enable it.
# yum-config-manager enable repository
4. Install the Manager using the ovirt-engine command.
# yum install ovirt-engine
Proceed to Configuring the Manager.
Configuring the Manager
After you install the Oracle Linux Virtualization Manager, you run the engine-setup command (theSetup program) to configure Manager. You are prompted to answer a series of questions whose valuesare used to configure Manager. Since many of these questions relate to features that are currently intechnology preview, Oracle recommends that you accept the default values for these features. SeeManager Configuration Options.
The Manager uses two PostgreSQL databases: one for the engine and one for the data warehouse. Bydefault, Setup creates and configures the engine database locally on the Manager host. Alternatively, youcan configure the Manager host to use a manually-configured local or remote database. If you choose touse a manually-configured local or remote database, you must set it up before running engine-setup.
Currently, running the engine or data warehouse database on a remote host is a technology previewfeature. See Technology Preview
To configure the Manager:
Manager Configuration Options
16
1. Run the engine-setup command on the host where you installed the Manager.
Note
Run engine-setup --accept-defaults to automatically accept allquestions that have default answers.
The Setup program prompts you to configure the Manager.
2. Enter Yes to configure the Manager
Configure Engine on this host (Yes, No) [Yes]:
If you enter No, the configuration stops. To restart, rerun the engine-setup command.
3. For the remaining configuration questions, provide input or accept default values, which are in squarebrackets after each question. To accept the default value for a given question, press Enter.
Note
Setup asks you for the fully qualified DNS name (FQDN) of the Manager host.Although Setup tries to automatically detect the name, you must ensure theFQDN is correct.
For detailed information on the configuration options, see ManagerConfiguration Options.
4. Once you have answered all the questions, Setup displays a list of the values you entered. Review thelist carefully and then press Enter to configure the Manager.
Your answers are saved to a file that can be used to reconfigure the Manager using the same values.Setup also displays the location of the log file for the configuration process.
5. When the configuration is complete, details about how to log in to the Administration Portal aredisplayed. To verify that the configuration was successful, log into the Administration Portal, asdescribed in Logging in to the Administration Portal.
Manager Configuration OptionsThe following information describes the options for configuring Oracle Linux Virtualization Manager whenyou run the engine-setup command:
• Image I/O Proxy
• WebSocket Proxy
• Data Warehouse
• VM Console Proxy
• OVN Provider
• Manager DNS Name
• Automatic Firewall Configuration
• Data Warehouse Database
• Engine Database
Image I/O Proxy
17
• Admin User Password
• Application Mode
• OVN Provider Credentials
• SAN Wipe After Delete
• Web Server Configuration
• Data Warehouse Sampling Scale
Image I/O ProxyConfigure Image I/O Proxy on this host? (Yes, No) [Yes]:
The Image I/O Proxy (ovirt-imageio-proxy) enables you to upload virtual disks into storage domains.
WebSocket ProxyConfigure WebSocket Proxy on this machine? (Yes, No) [Yes]:
The WebSocket Proxy enables you to connect to virtual machines using the noVNC or HTML 5 consoles.
For security and performance reasons, you can configure the WebSocket Proxy on a remote host.
Data WarehousePlease note: Data Warehouse is required for the engine. If you choose to not configure it on this host, you have to configure it on a remote host, and then configure the engine on this host so that it can access the database of the remote Data Warehouse host.Configure Data Warehouse on this host (Yes, No) [Yes]:
The Data Warehouse feature can run on the Manager host or on a remote host. Running Data Warehouseon a remote host reduces the load on the Manager host.
Running the Data Warehouse on a remote host is currently a technology preview feature, see TechnologyPreview.
VM Console ProxyConfigure VM Console Proxy on this host (Yes, No) [Yes]:
The VM Console Proxy enables you to access virtual machine serial consoles from a command line. Touse this feature, serial consoles must be enabled in the virtual machines.
OVN ProviderConfigure ovirt-provider-ovn (Yes, No) [Yes]:
Install the Open Virtual Network (OVN) provider on the Manager host and add it as an external networkprovider. The default cluster is automatically configured to use OVN as its network provider.
OVN is an OVS (Open vSwitch) extension which enables you to configure virtual networks.
Using external providers, including the OVN provider, is currently a technology preview feature, seeTechnology Preview.
Manager DNS Name
18
Manager DNS Name
Host fully qualified DNS name of this server [<autodetected-host-name>]:
The fully qualified DNS name of the Manager host. Check that the automatically detected DNS name iscorrect.
Automatic Firewall Configuration
Setup can automatically configure the firewall on this system.Note: automatic configuration of the firewall may overwrite current settings.NOTICE: iptables is deprecated and will be removed in future releasesDo you want Setup to configure the firewall? (Yes, No) [Yes]:
Configure the firewall on the host to open the ports used for external communication between Oracle LinuxVirtualization Manager and the components it manages.
If Setup configures the firewall, and no firewall managers are active, you are prompted to select a firewallmanager from a list.
If you enter No, you must manually configure the firewall. When the Manager configuration is complete,Setup displays a list of ports that need to be opened, see Manager Host Firewall Requirements for details.
Data Warehouse Database
Where is the DWH database located? (Local, Remote) [Local]:
The Data Warehouse database (the history database) can run on the Manager host or on a remote host.Running the database on a remote host reduces the load on the Manager host.
Running the database on a remote host is currently a technology preview feature, see TechnologyPreview.
Caution
In this step you configure the name of the database, and the user name andpassword for connecting to it. Make a note of these details.
Enter Local to connect to a local PostgreSQL server, or Remote to connect to an existing PostgreSQLserver running on a remote host.
If you enter Local, you can choose whether to set up a local PostgreSQL server automatically, or toconnect to an existing local PostgreSQL server.
Setup can configure the local postgresql server automatically for the DWH to run. This may conflict with existing applications.Would you like Setup to automatically configure postgresql and create DWH database, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
Enter Automatic to have Setup configure a local database server, or Manual to connect to an existinglocal database server. If you enter Manual, you are prompted for the details for connecting to thedatabase:
DWH database secured connection (Yes, No) [No]:DWH database name [ovirt_engine_history]:DWH database user [ovirt_engine_history]:DWH database password:
Engine Database
19
If you enter Remote to connect to an existing PostgreSQL server running on a remote host, you areprompted for the details for connecting to the database:
DWH database host [localhost]:DWH database port [5432]:DWH database secured connection (Yes, No) [No]:DWH database name [ovirt_engine_history]:DWH database user [ovirt_engine_history]:DWH database password:
Engine DatabaseWhere is the Engine database located? (Local, Remote) [Local]:
The Oracle Linux Virtualization Manager database (the engine database) can run on the Manager host oron a remote host. Running the database on a remote host reduces the load on the Manager host.
Running the database on a remote host is currently a technology preview feature, see TechnologyPreview.
Caution
In this step you configure the name of the database, and the user name andpassword for connecting to it. Make a note of these details.
Enter Local to connect to a local PostgreSQL server, or Remote to connect to an existing PostgreSQLserver running on a remote host.
If you enter Local, you can choose whether to set up a local PostgreSQL server automatically, or toconnect to an existing local PostgreSQL server.
Setup can configure the local postgresql server automatically for the engine to run.This may conflict with existing applications.Would you like Setup to automatically configure postgresql and create Engine database, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
Enter Automatic to have Setup configure a local database server, or Manual to connect to an existinglocal database server. If you enter Manual, you are prompted for the details for connecting to thedatabase:
Engine database secured connection (Yes, No) [No]:Engine database name [engine]:Engine database user [engine]:Engine database password:
If you enter Remote to connect to an existing PostgreSQL server running on a remote host, you areprompted for the details for connecting to the database:
Engine database host [localhost]:Engine database port [5432]:Engine database secured connection (Yes, No) [No]:Engine database name [engine]:Engine database user [engine]:Engine database password:
Admin User PasswordEngine admin password:Confirm engine admin password:
Enter a password for the default administrative user (admin@internal). Make a note of the password.
Application Mode
20
Application ModeApplication mode (Both, Virt, Gluster) [Both]:
The Manager can be configured to manage virtual machines (Virt) or manage Gluster clusters(Gluster) , or Both.
OVN Provider CredentialsUse default credentials (admin@internal) for ovirt-provider-ovn (Yes, No) [Yes]:oVirt OVN provider user[admin@internal]:oVirt OVN provider password:
If you installed the OVN provider, configure the credentials for connecting to the OVN (Open vSwitch)databases.
Using external providers, including the OVN provider, is currently a technology preview feature, seeTechnology Preview.
SAN Wipe After DeleteDefault SAN wipe after delete (Yes, No) [No]:
Enter Yes to set the default value for the wipe_after_delete flag to true, which wipes the blocks of avirtual disk when it is deleted.
Using the wipe after delete functionality is currently a technology preview feature, see Technology Preview.
Web Server ConfigurationOrganization name for certificate [<autodetected-domain-based-name>]:
Provide the organization name to use for the automatically generated self-signed SSL certificate used bythe Manager web server.
Setup can configure the default page of the web server to present the application home page. This may conflict with existing applications.Do you wish to set the application as the default web page of the server? (Yes, No) [Yes]:
Enter Yes to make the Oracle Linux Virtualization Manager landing page the default page presented by theweb server.
Setup can configure apache to use SSL using a certificate issued from the internal CA. Do you wish Setup to configure that, or prefer to perform that manually? (Automatic, Manual) [Automatic]:
Enter Automatic to generate a self-signed SSL certificate for the web server. Only use self-signedcertificates for testing purposes.
Enter Manual to provide the location of the SSL certificate and private key to use the web server.
Data Warehouse Sampling ScalePlease choose Data Warehouse sampling scale:(1) Basic(2) Full(1, 2)[1]:
Set the Data Warehouse sampling scale, either Basic or Full. This step is skipped the Data Warehouse isnot configured to run on the Manager host.
Logging in to the Administration Portal
21
Enter 1 for Basic, which reduces the values of DWH_TABLES_KEEP_HOURLY to 720 andDWH_TABLES_KEEP_DAILY to 0. Enter 2 for Full.
If the Manager and the Data Warehouse run on the same host, Basic is the recommended sample scalebecause this reduces the load on the Manager host. Full is recommended only if the Data Warehouse runson a remote host.
The Full sampling scale is currently a technology preview feature, see Technology Preview.
Logging in to the Administration Portal
After you run the engine-setup command to configure Oracle Linux Virtualization Manager, you shouldlog into the Administration Portal to verify that the configuration was successful.
Preparing to Log in
It is recommended that you use the latest version one of the following browsers to access theAdministration Portal
• Mozilla Firefox
• Google Chrome
• Apple Safari
• Microsoft Internet Explorer 11
• Microsoft Edge
If Oracle Linux Virtualization Manager was configured to use a self-signed SSL certificate, or an SSLcertificate that is signed by a Certificate Authority (CA) that is not trusted by the browser (for example anIntermediate CA), you should install the CA certificate in the browser. Consult your browser's instructionsfor how to import a CA certificate. You can download the CA certificate from the Manager at:
http://manager-fqdn/ovirt-engine/services/pki-resource?resource=ca-certificate&format=X509-PEM-CA
Usually you access the Administration Portal using the fully qualified domain name of the Manager hostthat you provided during installation. However, you can access the Administration Portal using an alternatehost name(s). To do this, you need to add a configuration file to the Manager as follows:
1. Log in to the Manager host as root.
2. Create the file /etc/ovirt-engine/engine.conf.d/99-custom-sso-setup.conf with thefollowing content:
SSO_ALTERNATE_ENGINE_FQDNS="alias1.example.com alias2.example.com"
The list of alternate host names must be separated by spaces.
3. Restart Oracle Linux Virtualization Manager.
# systemctl restart ovirt-engine
Logging in
You log in to the Administration Portal using a web browser and the default admin@internal user.
Next Steps
22
1. Go to https://manager-fqdn/ovirt-engine. The Welcome page displays.
2. (Optional) Change the preferred language from the drop-down list on the Welcome page.
You can view the Administration Portal in multiple languages. The default language is based on thelocale of your web browser.
3. Click Administration Portal. The Login page displays.
4. Enter admin for the Username and the password you specified when you configured the Manager.
5. From the Profile list, select internal and click Log In.
Next Steps
Now that you have configured and logged in to the Manager, the next step is to add Oracle Linux KVMcompute hosts, as described in Chapter 3, Installing KVM Compute Hosts.
You also need to add storage and configure logical networks. See Adding Storage and Creating a LogicalNetwork in the Oracle Linux Virtualization Manager Getting Started Guide
Logging Out
To log out of the Administration Portal, click the person icon in the header bar and click Sign Out. Youare returned to the Login page.
Manager Host Firewall RequirementsWhen you run the engine-setup command to configure Oracle Linux Virtualization Manager, youcan have the Setup program automatically configure the firewall ports on the host. Use the followinginformation if you want to manually configure firewalls.
The following ports are the default ports. The Setup program enables you to choose different ports forsome of the configuration options, see Manager Configuration Options.
Table 2.1 Oracle Linux Virtualization Manager Host Firewall Requirements
Port Protocol Source Destination Purpose
Notapplicable
ICMP Oracle Linux KVMcompute hosts
Manager host (Optional) Diagnostics
22 TCP External systems Manager host (Optional) SSH access to the Manager hostfor administration and maintenance
80 TCP Administration Portalclients
VM Portal clients
Oracle Linux KVMcompute hosts
REST API clients
Manager host HTTP access to the Manager
443 TCP Administration Portalclients
VM Portal clients
Manager host HTTPS access to the Manager
Remote Component Firewall Requirements
23
Port Protocol Source Destination PurposeOracle Linux KVMcompute hosts
REST API clients
2222 TCP Clients Manager host SSH access to VM serial consoles
5432 TCP,UDP Manager host
Data WarehouseService
External systems
Manager host (Optional) Connections to PostgreSQLdatabase server
Only required if the Engine database orthe Data Warehouse database run on theManager host
6100 TCP Administration Portalclients
VM Portal clients
Manager host (Optional) WebSocket proxy access to thenoVNC or HTML 5 VM consoles
Only required if the WebSocket proxy runs onthe Manager host
7410 UDP Oracle Linux KVMcompute hosts
Manager host (Optional) Kdump notifications
Only required if Kdump is enabled
54323 TCP Administration Portalclients
Manager host (Optional) Image I/O Proxy access to uploadimages
Only required if the Image I/O Proxy runs onthe Manager host
Remote Component Firewall Requirements
Some Oracle Linux Virtualization Manager components can run on separate remote hosts. Use thefollowing information to configure the firewall on these hosts.
Table 2.2 Remote Component Firewall Requirements
Port Protocol Source Destination Purpose
5432 TCP,UDP Manager host
Data WarehouseService
External systems
PostgreSQL databaseserver
Connections to PostgreSQL database server
Required if the Engine database or the DataWarehouse database run on a remote host
6100 TCP Administration Portalclients
VM Portal clients
WebSocket proxyhost
WebSocket proxy access to the noVNC orHTML 5 VM consoles
Required if the WebSocket proxy runs on aremote host
24
25
Chapter 3 Installing KVM Compute Hosts
Table of ContentsKVM Compute Host Requirements .................................................................................................... 25Configuring a KVM Compute Host .................................................................................................... 26Adding a KVM Compute Host to the Manager ................................................................................... 28KVM Compute Host Firewall Requirements ....................................................................................... 29
To manage an Oracle Linux KVM compute host using Oracle Linux Virtualization Manager, you preparethe host by performing a fresh installation of Oracle Linux 7 and enabling the required repositories, andthen you add the host to a data center using the Administration Portal.
KVM Compute Host Requirements
The following are the minimum system requirements for Oracle Linux KVM compute hosts:
• Oracle Linux 7 Update 6 or laterSelect Minimal Install as the base environment for the installation.
• Unbreakable Enterprise Kernel Release 5 Update 1 or later• 64-bit dual-core CPU
Recommended: Multiple CPUs
The CPUs must support either the Intel VT-x or the AMD AMD-V hardware virtualization extensions andthe extensions must be enabled in the host's BIOS. The CPUs must also support the No eXecute flag(NX).
• 2 GB RAMMaximum Tested: 2 TB
The amount of RAM required varies depending on guest operating system requirements, guestapplication requirements, and guest memory activity and usage.
• 1 network interface card (NIC) with bandwidth of at least 1 GbpsRecommended: 2 or more NICs with bandwidth of at least 1 Gbps
Multiple NICs are recommended so that NICs can be dedicated for network intensive activities, such asvirtual machine migration.
• 45 GB local writable hard disk allocated as follows:
Allocation Size
/ (root) 6 GB
/home 1 GB
/tmp 1 GB
/boot 1 GB
/var 15 GB
/var/log 8 GB
/var/log/audit 2 GB
swap 1 GB
Configuring a KVM Compute Host
26
Anaconda reserves 20% of the thin pool size within the volume group for future metadata expansion.This is to prevent an out-of-the-box configuration from running out of space under normal usageconditions. Oracle recommend using the default allocations which use more
For information about x86-based servers that are certified for Oracle Linux with UEK, see the HardwareCertification List for Oracle Linux and Oracle VM at https://linux.oracle.com/hardware-certifications.
Do not install any third-party watchdogs on your Oracle Linux KVM compute hosts, as they can interferewith the watchdog daemon provided by VDSM.
Do not install any other applications on the Oracle Linux KVM compute hosts as they may interfere with theoperation of the KVM hypervisor.
For more details about system requirements and known issues with installation, see:
• The Oracle Linux 7 Release Notes for your release at https://docs.oracle.com/en/operating-systems/oracle-linux/7/relnotes7.0/index.html.
• The Unbreakable Enterprise Kernel Release 5 Release Notes for your release at https://docs.oracle.com/en/operating-systems/uek/.
• The Oracle Linux 7 Installation Guide at https://docs.oracle.com/en/operating-systems/oracle-linux/7/install/.
Configuring a KVM Compute Host
You must perform a fresh installation of Oracle Linux 7 Update 6 on an Oracle Linux KVM compute hostbefore configuration.
You can download the installation ISO for the latest Oracle Linux 7 Update 6 update from the OracleSoftware Delivery Cloud at https://edelivery.oracle.com.
1. Install Oracle Linux 7 Update 6 on the host.
Follow the instructions in the Oracle Linux 7 Installation Guide at https://docs.oracle.com/en/operating-systems/oracle-linux/7/install/
Select Minimal Install as the base environment for the installation.
Do not install any additional packages until after you have added the host to the Manager, becausethey may cause dependency issues.
2. (Optional) If you use a proxy server for Internet access, configure Yum with the proxy server settings.For more information, see Configuring Use of a Proxy Server at https://docs.oracle.com/en/operating-systems/oracle-linux/7/admin/ol7-proxy-config.html.
3. Do one of the following.
a. For ULN registered hosts only: If the host is registered on ULN, subscribe the system to therequired channels.
i. Log in to https://linux.oracle.com with your ULN user name and password.
ii. On the Systems tab, click the link named for the host in the list of registered machines.
iii. On the System Details page, click Manage Subscriptions.
Configuring a KVM Compute Host
27
iv. On the System Summary page, select each required channel from the list of available channelsand click the right arrow to move the channel to the list of subscribed channels. Subscribe thesystem to the following channels:
• ol7_x86_64_latest
• ol7_x86_64_optional_latest
• ol7_x86_64_kvm_utils
• ol7_x86_64_ovirt42
• ol7_x86_64_ovirt42_extras
• ol7_x86_64_gluster312
• (For VDSM) ol7_x86_64_UEKR5
v. Click Save Subscriptions.
b. For Oracle Linux yum server configured KVM compute hosts only: Install the Oracle LinuxVirtualization Manager Release 4.2.8 package and enable the required repositories.
Note
Installing the Oracle Linux Virtualization Manager Release 4.2.8 packageconfigures an Oracle Linux KVM compute host; it does not install theManager.
i. (Optional) Make sure the host is using the modular yum repository configuration. For moreinformation, see Getting Started with Oracle Linux Yum Server at http://yum.oracle.com/getting-started.html.
ii. Install the Oracle Linux Virtualization Manager Release 4.2.8 package.
# yum install https://yum.oracle.com/repo/OracleLinux/OL7/ovirt42/x86_64/ovirt-release42.rpm
iii. Use the yum command to verify that the required repositories are enabled.
A. Clear the yum cache.
# yum clean all
B. List the configured repositories and verify that the required repositories are enabled.
# yum repolist
The following repositories must be enabled:
• ol7_latest
• olv_ol7_optional_latest
• olv_ol7_kvm-utils
• olv_ol7_gluster312
Adding a KVM Compute Host to the Manager
28
• ol7_UEKR5
• ovirt-4.2
• ovirt-4.2-extra
C. If a required repository is not enabled, use the yum-config-manager to enable it.
# yum-config-manager enable repository
4. (Optional) Open the Cockpit port.
# firewall-cmd --zone=public --add-port=9090/tcp
The Cockpit web interface can be used to monitor the host’s resources and to perform administrativetasks. You can access the host's Cockpit web interface from the Administration Portal or by connectingdirectly to the host.
For more information about configuring firewalld, see Controlling Access to Ports at https://docs.oracle.com/en/operating-systems/oracle-linux/7/admin/section_r22_155_5n.html
The KVM compute host is now ready to be added to the Manager using the Administration Portal.
Adding a KVM Compute Host to the ManagerOnce you have configured an Oracle Linux KVM compute host (see Configuring a KVM Compute Host),you use the Administration Portal to add the host to a data center so that it can be used to run virtualmachines.
When you install Oracle Linux Virtualization Manager, a data center and cluster named Default is created.You can rename and configure this data center and cluster, or you can add new data centers and clusters,to meet your needs. See Additional Administration Tasks in the Oracle Linux Virtualization ManagerGetting Started Guide for details of how to do this.
1. Log in to the Administration Portal.
See Logging in to the Administration Portal for details.
2. Go to Compute and then click Hosts.
3. On the Hosts pane, click New.
The New Host dialog box opens with the General tab selected on the sidebar.
4. From the Host Cluster drop-down list, select the data center and host cluster for the host.
By default, the Default data center is selected.
5. In the Name field, enter a name for the host.
6. In the Hostname field, enter the fully qualified DNS name for the host.
7. In the SSH Port field, change the standard SSH port 22 if the SSH server on the host uses a differentport.
8. Under Authentication, select the authentication method to use.
Oracle recommends that you select SSH PublicKey authentication. If you select this option, copy thekey displayed in the SSH PublicKey field to the /root/.ssh/authorized_keys file on the host.
KVM Compute Host Firewall Requirements
29
Otherwise, enter the root user's password to use password authentication.
9. (Optional) Configure other settings for the host from the other tabs on the New Host sidebar.
10. Click OK to add the host to the data center.
The host is added to the list of hosts in the Manager. While the Manager is installing the host agent(VDSM) and other required packages on the host, the status of the host is shown as Installing. Youcan view the progress of the installation in the details pane. When the host is added to the Manager,the host status changes to Up.
KVM Compute Host Firewall Requirements
When you add an Oracle Linux KVM compute host to Oracle Linux Virtualization Manager, the existingfirewall configuration on the host is overwritten and the required firewall ports are configured automatically.
To disable automatic firewall configuration when adding a KVM compute host, clear the Automaticallyconfigure host firewall check box under Advanced Parameters. Then use the following information tomanually configure the firewall.
Table 3.1 Oracle Linux KVM Compute Host Firewall Requirements
Port Protocol Source Destination Purpose
22 TCP Manager host KVM compute hosts (Optional) SSH access to KVM computehosts
111 TCP NFS storage server KVM compute hosts (Optional) NFS connections
Only required if you use NFS storage
161 UDP KVM compute hosts Manager host (Optional) Simple network managementprotocol (SNMP)
Only required if you want to send SNMP trapsto external SNMP managers
2223 TCP Manager host KVM compute hosts SSH access to VM serial consoles
5900 to6923
TCP Administration Portalclients
VM Portal clients
KVM compute hosts Access to VM consoles using VNC or SPICEprotocols
5989 TCP,UDP Common InformationModel ObjectManager (CIMOM)
KVM compute hosts (Optional) CIMOM connections
Only required if you use CIMOM to monitorVMs running on the host
6081 UDP KVM compute hosts KVM compute hosts (Optional) Open Virtual Network (OVN)connections
Only required if the OVN network provider isenabled
9090 TCP Manager host
Client machines
KVM compute hosts (Optional) Cockpit connections
Only required if Cockpit is installed
16514 TCP KVM compute hosts KVM compute hosts VM migration using libvirt
KVM Compute Host Firewall Requirements
30
Port Protocol Source Destination Purpose
49152 to49216
TCP KVM compute hosts KVM compute hosts Automated and manual VM migration andfencing using VDSM
54321 TCP Manager host
KVM compute hosts
KVM compute hosts VDSM communication with the Oracle LinuxVirtualization Manager and other KVMcompute hosts
54322 TCP Manager host
Image I/O Proxy host
KVM compute hosts (Optional) Communication with the Image I/OProxy to upload images
Only required if the Image I/O Proxy runs onthe Manager host or a separate host
